import { createApp } from 'vue'
import App from './App.vue'
import router from './router/index.js'
import './styles.css'

createApp(App).use(router).mount('#app')

import axios from 'axios';
import { initCsrf, getCsrfToken } from './lib/csrf';
import { makeUrl } from './lib/config'; // 复用你已有的 makeUrl

// 应用启动时初始化 CSRF Cookie
initCsrf(makeUrl, axios);

// 为所有写操作统一注入 CSRF 头，并始终携带凭证
axios.interceptors.request.use((config) => {
  // 始终携带 Cookie（跨域需服务端允许 Credentials）
  config.withCredentials = true;
  const method = (config.method || 'get').toLowerCase();
  if (['post', 'put', 'patch', 'delete'].includes(method)) {
    const token = getCsrfToken();
    if (token) {
      config.headers = { ...(config.headers || {}), 'X-CSRFToken': token };
    }
  }
  return config;
});
